Annotation of www/errata.html, Revision 1.429
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
1.417 miod 4: <title>OpenBSD 3.2 errata</title>
1.1 deraadt 5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
7: <meta name="description" content="the OpenBSD CD errata page">
8: <meta name="keywords" content="openbsd,cd,errata">
9: <meta name="distribution" content="global">
1.372 horacio 10: <meta name="copyright" content="This document copyright 1997-2002 by OpenBSD.">
1.1 deraadt 11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
1.394 jsyn 15: <a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
1.68 deraadt 16: <h2><font color=#0000e0>
1.417 miod 17: This is the OpenBSD 3.2 release errata & patch list:
1.94 deraadt 18:
1.96 deraadt 19: </font></h2>
20:
1.94 deraadt 21: <hr>
1.240 jason 22: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.380 espie 23: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 24: <br>
1.419 deraadt 25: For errata on a certain release, click below:<br>
1.418 deraadt 26: <a href="errata21.html">2.1</a>,
27: <a href="errata22.html">2.2</a>,
28: <a href="errata23.html">2.3</a>,
29: <a href="errata24.html">2.4</a>,
30: <a href="errata25.html">2.5</a>,
31: <a href="errata26.html">2.6</a>,
32: <a href="errata27.html">2.7</a>,
33: <a href="errata28.html">2.8</a>,
34: <a href="errata29.html">2.9</a>,
35: <a href="errata30.html">3.0</a>,
36: <a href="errata31.html">3.1</a>.
37: <br>
1.94 deraadt 38: <hr>
39:
1.417 miod 40: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2.tar.gz>
1.142 deraadt 41: You can also fetch a tar.gz file containing all the following patches</a>.
42: This file is updated once a day.
43:
1.240 jason 44: <p> The patches below are available in CVS via the
1.420 deraadt 45: <code>OPENBSD_3_2</code> <a href="stable.html">patch branch</a>.
1.278 ericj 46:
47: <p>
1.420 deraadt 48: For more detailed information on how to install patches to OpenBSD, please
1.409 jufi 49: consult the <a href="./faq/faq10.html#Patches">OpenBSD FAQ</a>.
1.142 deraadt 50: <hr>
51:
1.197 deraadt 52: <dl>
1.43 deraadt 53: <a name=all></a>
1.67 deraadt 54: <li><h3><font color=#e00000>All architectures</font></h3>
1.25 deraadt 55: <ul>
1.426 margarid 56: <a name=ssl></a>
57: <li><font color=#009000><strong>007: SECURITY FIX: February 22, 2003</strong></font><br>
1.427 margarid 58: In
59: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a> an information leak can occur via timing by performing a MAC computation
1.429 ! brad 60: even if incorrrect block cipher padding has been found, this is a
! 61: countermeasure. Also, check for negative sizes in memory allocation routines.<br>
1.426 margarid 62: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/007_ssl.patch">A
63: source code patch exists which fixes these two issues</a>.
64: <p>
1.425 millert 65: <a name=cvs></a>
66: <li><font color=#009000><strong>006: SECURITY FIX: January 20, 2003</strong></font><br>
67: A double free in
68: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a>
69: could allow an attacker to execute code with the privileges of the
70: user running cvs. This is only an issue when the cvs command is
71: being run on a user's behalf as a different user. This means that,
72: in most cases, the issue only exists for cvs configurations that use
1.429 ! brad 73: the <em>pserver</em> client/server connection method.<br>
1.425 millert 74: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/006_cvs.patch">A
75: source code patch exists which remedies the problem</a>.
76: <p>
1.423 millert 77: <a name=named></a>
78: <li><font color=#009000><strong>005: SECURITY FIX: November 14, 2002</strong></font><br>
79: A buffer overflow in
80: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a>
81: could allow an attacker to execute code with the privileges of named.
82: On OpenBSD, named runs as a non-root user in a chrooted environment
1.424 millert 83: which mitigates the effects of this bug.<br>
1.423 millert 84: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/005_named.patch">A
85: source code patch exists which remedies the problem</a>.
86: <p>
1.422 miod 87: <a name=pool></a>
88: <li><font color=#009000><strong>004: RELIABILITY FIX: November 6, 2002</strong></font><br>
89: A logic error in the
90: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pool&sektion=9">pool</a>
91: kernel memory allocator could cause memory corruption in low-memory situations,
92: causing the system to crash.<br>
93: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/004_pool.patch">A
94: source code patch exists which remedies the problem</a>.
95: <p>
96: <a name=smrsh></a>
97: <li><font color=#009000><strong>003: SECURITY FIX: November 6, 2002</strong></font><br>
98: An attacker can bypass the restrictions imposed by sendmail's restricted shell,
99: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smrsh&sektion=8">smrsh(8)</a>,
100: and execute arbitrary commands with the privileges of his own account.<br>
101: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/003_smrsh.patch">A
102: source code patch exists which remedies the problem</a>.
103: <p>
104: <a name=pfbridge></a>
105: <li><font color=#009000><strong>002: RELIABILITY FIX: November 6, 2002</strong></font><br>
106: Network
107: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&sektion=4">bridges</a>
108: running
109: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf</a>
110: with scrubbing enabled could cause mbuf corruption,
111: causing the system to crash.<br>
112: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/002_pfbridge.patch">A
113: source code patch exists which remedies the problem</a>.
114: <p>
1.421 miod 115: <a name=kadmin></a>
116: <li><font color=#009000><strong>001: SECURITY FIX: October 21, 2002</strong></font><br>
117: A buffer overflow can occur in the
118: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kadmind&sektion=8">kadmind(8)</a>
119: daemon, leading to possible remote crash or exploit.<br>
120: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/001_kadmin.patch">A source code patch exists which remedies the problem</a>.
121: <p>
1.25 deraadt 122: </ul>
1.177 deraadt 123: <p>
1.42 deraadt 124: <a name=i386></a>
1.67 deraadt 125: <li><h3><font color=#e00000>i386</font></h3>
1.25 deraadt 126: <ul>
1.384 deraadt 127: <li>No problems identified yet.
1.323 deraadt 128: </ul>
1.285 deraadt 129: <p>
1.323 deraadt 130: <a name=alpha></a>
131: <li><h3><font color=#e00000>alpha</font></h3>
132: <ul>
133: <li>No problems identified yet.
1.39 deraadt 134: </ul>
1.155 deraadt 135: <p>
1.47 deraadt 136: <a name=mac68k></a>
1.67 deraadt 137: <li><h3><font color=#e00000>mac68k</font></h3>
1.39 deraadt 138: <ul>
1.323 deraadt 139: <li>No problems identified yet.
1.25 deraadt 140: </ul>
1.155 deraadt 141: <p>
1.65 deraadt 142: <a name=sparc></a>
1.67 deraadt 143: <li><h3><font color=#e00000>sparc</font></h3>
1.25 deraadt 144: <ul>
1.323 deraadt 145: <li>No problems identified yet.
1.39 deraadt 146: </ul>
1.177 deraadt 147: <p>
1.355 deraadt 148: <a name=sparc64></a>
149: <li><h3><font color=#e00000>sparc64</font></h3>
1.93 deraadt 150: <ul>
1.384 deraadt 151: <li>No problems identified yet.
1.25 deraadt 152: </ul>
1.155 deraadt 153: <p>
1.355 deraadt 154: <a name=amiga></a>
155: <li><h3><font color=#e00000>amiga</font></h3>
1.25 deraadt 156: <ul>
1.281 deraadt 157: <li>No problems identified yet.
1.25 deraadt 158: </ul>
1.155 deraadt 159: <p>
1.281 deraadt 160: <a name=hp300></a>
161: <li><h3><font color=#e00000>hp300</font></h3>
1.59 deraadt 162: <ul>
1.323 deraadt 163: <li>No problems identified yet.
1.59 deraadt 164: </ul>
1.155 deraadt 165: <p>
1.281 deraadt 166: <a name=mvme68k></a>
167: <li><h3><font color=#e00000>mvme68k</font></h3>
1.56 deraadt 168: <ul>
1.323 deraadt 169: <li>No problems identified yet.
1.56 deraadt 170: </ul>
1.155 deraadt 171: <p>
1.355 deraadt 172: <a name=macppc></a>
173: <li><h3><font color=#e00000>macppc</font></h3>
1.110 millert 174: <ul>
1.384 deraadt 175: <li>No problems identified yet.
1.385 hugh 176: </ul>
1.386 hugh 177: <p>
1.281 deraadt 178: <a name=vax></a>
179: <li><h3><font color=#e00000>vax</font></h3>
1.25 deraadt 180: <ul>
1.232 deraadt 181: <li>No problems identified yet.
1.25 deraadt 182: </ul>
1.144 deraadt 183:
1.197 deraadt 184: </dl>
1.25 deraadt 185: <br>
1.75 deraadt 186:
1.25 deraadt 187: <hr>
1.240 jason 188: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.381 espie 189: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 190: <br>
1.419 deraadt 191: For errata on a certain release, click below:<br>
1.418 deraadt 192: <a href="errata21.html">2.1</a>,
193: <a href="errata22.html">2.2</a>,
194: <a href="errata23.html">2.3</a>,
195: <a href="errata24.html">2.4</a>,
196: <a href="errata25.html">2.5</a>,
197: <a href="errata26.html">2.6</a>,
198: <a href="errata27.html">2.7</a>,
199: <a href="errata28.html">2.8</a>,
200: <a href="errata29.html">2.9</a>,
201: <a href="errata30.html">3.0</a>,
202: <a href="errata31.html">3.1</a>.
203: <br>
204:
1.2 deraadt 205: <hr>
1.186 deraadt 206: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.2 deraadt 207: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
1.429 ! brad 208: <br><small>$OpenBSD: errata.html,v 1.428 2003/02/23 00:14:38 margarida Exp $</small>
1.2 deraadt 209:
210: </body>
211: </html>